Asian Social Science; Vol. 10, No. 21; 2014 ISSN 1911-2017 E-ISSN 1911-2025 Published by Canadian Center of Science and Education Project Risks Management Model on an Industrial Entreprise Shamil Makhmutovich Valitov 1 & Albina Zufarovna Sirazetdinova 1 1 Kazan (Volga Region) Federal University, Institute of Management, Economics and Finance, Kazan, Russia Correspondence: Albina Zufarovna Sirazetdinova, Kazan (Volga Region) Federal University, Institute of Economics and Finance, Boutlerova st., 4, 420008, Kazan, Russia. Received: June 9, 2014 Accepted: August 25, 2014 Online Published: October 30, 2014 doi:10.5539/ass.v10n21p242 URL: http://dx.doi.org/10.5539/ass.v10n21p242 Abstract The article proposes complex model of project risks management on an industrial enterprise, including interrelation of work stages in risk management, project risks evaluation and management methods and instruments; and an integrated index as an element of risks analysis technique. Project risk analysis and evaluation process takes one of the major places in procedural aspect. Risk management begins with the quality risk analysis where risks are identified and grouped. Results of quality risk analysis are used for the subsequent quantitative risk analysis which includes their evaluation in three key parameters: probability of a risk event, level of expected losses, limits of manageability of risks. Integrated index for risks analysis and evaluation developed by the author considers risks dual nature, probabilities balance, realization consequences and risks manageability. The function of this integrated index is identification of the project risks which can be influenced the most. Based on the calculation of integrated indexes of the identified project risks the decision on primary management for the risks with greater integrated indexes is made. The main procedure after the quantitative risk analysis of the risk management stage is to choose the risk management method and its subsequent application. It is necessary to analyze and generalize risk management activity efficiency, risk factors and uncertainty in the project finale. All the integrated information goes to an organization databank for further use. Keywords: risk, risks management, risks evaluation, project risks management, risks management method 1. Introduction Risks are inherent in any economic activity, and project activity of an enterprise isn't an exception. Success and efficiency of the project depends on competent and timely risk management. Not enough attention is paid to procedural aspects of risk management and to risks evaluation on many enterprises, this why development of theoretic-methodical basis of project risks management is one of actual scientific problems. Nowadays there are various international and national standards in the field of the risk management; the most prevalent of which are COSO The Committee of Sponsoring Organizations (ERM, 2004) and FERMA Federation of European Risk Management Associations (A Risk Management Standard, 2002) standards of risk management. COSO standard represents the principles of a risk management developed by The Committee of Sponsoring Organizations of the Treadway Commission together with the PricewaterhouseCoopers company to increase reliability of the enterprises reporting. Standard of Federation of European Risk Management Associations is developed by several leading organizations in risk management of Great Britain: The Institute of Risk Management (IRM), The Association of Insurance and Risk Manager (AIRMIC), The National Forum for Risk Management in the Public Sector; it s directed to formation of risk management system on any enterprise. These standards consider various aspects of risks, components of risk management and organizational aspects of a risk management on an enterprise. We should also mention A Guide to the Project Management Body of Knowledge (PMBOK Guide) (PMBOK, 2013) representing process approach to risk management on an enterprise. Processes are described in terms of: inputs (documents, plans, etc.), tools and techniques and outputs (documents, plans, etc.). A number of articles of International Journal of Project Management and Risk Analysis is devoted to actual problems of project risks management and analysis, in particular: Project risk management methodology for small firms of the Spanish researchers (Marcelino-Sádaba et al., 2014), Risk management in software projects through Knowledge Management techniques: Cases in Brazilian Incubated Technology-Based Firms (Neves et al. 2014), Modeling External Risks in Project Management (Palomo et al., 2007), The Effectiveness of Risk 242
Management: An Analysis of Project Risk Planning Across Industries and Countries (Zwikael & Ahn, 2011). etc. But we have to notice that the major part of research on risk management is dedicated to financial and IT risks evaluation, analysis and management problems. For example, such books as: Elements of Financial Risk Management (Christoffersen, 2011), Risk Management and Financial Institutions (Hull, 2006), Risk Management for IT Projects (Lientz & Larssen, 2006). A large amount of researches confirm relevance and complexity of problems in the field of a risk management, especially of project risks management. The project risk represents threat of loss or possibility of excess profit, associated with realization of unfavorable events within the project as possible consequences of decision-making in the conditions of uncertainty. At the same time the project risk is difficult and multidimensional phenomenon, representing project risks set, consisting of the elements specific as to the project, and characteristic for the whole environment of project implementation. 2. Methods 2.1 Project risks Management Model We offer project risks management model on an industrial enterprise, including direct procedure of risk management, algorithm of actions, interrelation of work stages in risk management and specific actions (fig. 1). Figure 1. Project risks management model 243
Risk management begins with the block of quality risk analysis where risks are identified and grouped. Basing on studying various classifications of risks, we defined classification of project risks by the most significant classification signs: location of danger origin, scale of expected losses, probabilities of risk emergence (tab. 1). Results of quality risk analysis are used for the subsequent quantitative risk analysis which includes their evaluation in three key parameters: probability of a risk event, level of expected losses, limits of manageability of risks. It s supposed to use an integrated index which brings together all considered parameters of risk during risks evaluation. Beside the mentioned integrated index other methods of evaluation are used on the stage of quantitative risk analysis as well, particularly plotting a map of project risks. After considering the results of quantitative risk analysis there would be elaboration or adjustment of the project plan with regard to the identified and estimated risks. A matrix of responsibility of the project is being plotted which is supposed to regulate the project work and roles of project team members. Table 1. Project risks classification Classification sign location of emergence of danger scale of expected losses probabilities of emergence of risk Project risk kind - external: political, normative-legal, social-economic, ecological, technical - internal: in the sphere of project management, in the production sphere, in the distribution sphere - risks of interaction connected with: a contradiction of the project team members interests, infringement of investor interests, suppliers and contractors of works and services, customers of the project, end users - admissible (risk of losses due to insignificant excess of the project budget, insignificant excess of project terms, the project profits are less than planned) - critical (considerable failure of the project on terms and costs, profit loss) - catastrophic (full termination of project, loss on the project) - improbable - probable - quite probable The main procedure after the quantitative risk analysis of the risk management stage is to choose the risk management method and its subsequent application. An enterprise should consider all groups of risk management methods and apply them both on a planning phase, and on a phase of the project realization. These methods are: evasion, localization, diversification and compensation of risks. The process is being monitored during application of risk management methods; different corrections might be required after that. One of the models blocks is project risks hedging, as one of perspective and effective methods of risk management, having wide applicability, for example in the projects dealing with foreign economic activity of an enterprise. After project completion it is necessary to do the analysis of the risk management activity efficiency, analyze and generalize risk factors and uncertainty by results of the project. All the integrated information goes directly to an organization databank, and subsequently is used in risk management of new projects. With this regard it s especially important to document risk management on the enterprise, as it would develop organization expertise in applicability of different methods of risk management and consequently ease the further project management. For example, elaboration of the risk management standard on the enterprise would improve the risk management system. Thus, using the considered model of risk management on an enterprise would allow to structure the risk management system, to consider procedural aspect of risk management through development of actions algorithm on each stage of project realization, and to carry out feedback of studied process, having an enterprise databank in the field of risk management formed. A risk management system implementation would also solve the problem of unforeseen risks for the enterprise and its projects, ease decision-making on risks and lower costs of risk management in comparison with existing level. 2.2 Project Risk Management Algorithm The described model of project risk management can be represented schematically as an algorithm, consistently reflecting stages of risk management (See figure 2). 244
Project risk analysis and evaluation process takes one of the major places in procedural aspect. One of the quantitative risk analysis blocks in the offered model of project risk management is the risks evaluation on the following most important indicators: Probability of a risk event approach, Financial results of a risk event, Capability to influence on the realization of a risk event or its consequences. These indicators have to be also used in calculation of an integrated index of the identified project risks. Figure 2. Project risk management algorithm 2.3 Indicators of Project Risks Evaluation The integrated index of separate risk is calculated by the following formula: ( p C + p P) + b, II = a (1) 1 2 M where: II an integrated index, a weight value of probable result of risk event approach, p 1 probability of unfavorable aspect of a risk event, C estimation of possible loss of an unfavorable risk event approach in points, 245
p 2 improvement probability in a project risk situation, Р estimation of possible profit of a favorable risk event approach in points, b weight value of a risk manageability factor due to the enterprise, M estimation of a risk manageability due to the enterprise in points. The function of this integrated index is identification of the project risks which can be influenced the most. All the three included indicators are estimated in points, and their weight values in shares, with the sum of net weight values equal to 1. Point estimation of factors and their weight values are calculated by empirical or economical and statistical methods, taking into account indicators of the specific project and history of risks on the enterprise, for example, method of expert evaluation of risk managers and department heads involved in project realization. Weight values of factors a and b are defined by the manager s risk appetite, his disposition to financial indicators or control actions. In case risk event approach and risk manageability relations to the result are equal, weight values are equated to each other (value 0.5), and don't influence the integrated index. Evaluations in points from 0 to 10 correspond to the expected risk level and probability of its approach expressed as a percentage, and an expert evaluation of the risk manageability. As a result of indicators multiplication by their specific weights, comes the integrated index which is measured in range from 0 to 10. Expected financial results of risks realization are transferred to estimation in points by the following scale (See table 2). Table 2. Correspondence of expected losses or profits per cent to project budget to estimation in points Expected losses or profits of the risk event approach to project budget, % Point assessment 0-0,9 0 1-2,4 1 2,5-3,9 2 4-5,4 3 5,5-6,9 4 7-8,4 5 8,5-9,9 6 10-11,4 7 11,5-12,9 8 13-14,9 9 15 10 We allocate three intervals of the integrated index values: 1. II = 7,01-10 this level of risks demands primary management, 2. II = 3,51-7 risks need to be followed up, take measures to manage them in case funds and resources are available, 3. II = 0-3,5 this level of risks is negligible. The integrated indexes of separate risks are found as an arithmetic average of all values on the basis of all expert evaluations. Based on the calculation of integrated indexes of the identified project risks the decision on primary management for the risks with greater integrated indexes (more than 7) is made. The risks with smaller integrated indexes (less than 3,5) are considered acceptable, they should be operated only in case of availability of funds and after the analysis of management expediency due to the ratio of necessary expenses and planned result. It is necessary to do factorial risk analysis with greater values of integrated indexes which would elicit the cause of high value of an integrated index. Various combinations of considered parameters can result it, for example: high probability of unfavorable aspect realization of a risk event at the same time with high level of expected loss; high weight value of the risk manageability factor from the enterprise, along with a high level estimation of the risk management. Thus, in the first case the project refusal is possible, whereas in the second case managers will be most likely inclined to accept the project and to allocate funds for this risk management. 246
In case it is necessary to compare some projects on a risk level, an overall project risk is found which is determined by the sum of all integrated indexes by separately taken risks divided by their quantity. Thus, it is possible to compare projects due to their risk-taking. 3. Results This technique is effective as it connects the most dangerous and probable risks to their manageability. At the same time, use of this technique doesn't exclude but promotes application of other risk analysis methods. The formula above is fully applicable to the analysis of speculative risks which can behave both as losses and as additional profit for the businessman in relation to an expected result. In the formula (1) this characteristic is reflected by probability of favorable and unfavorable aspects of a risk event realization and point evaluation of financial result from the aspects realization. And, not always the sum (p 1 + p 2 ) is equal to 1, neutral course of events take place more often when the risk situation invariance is predicted. However, this situation isn't presented in calculations because its financial result is equal to zero. Such course of events possibility is considered in separate probabilities evaluations p 1 and p 2. At risk evaluation of production modernization and technical rearmament projects the formula of calculation of an integrated index can become simpler due to unfavorable event realization probability because the majority of risks are connected to technological, technical and social factors, but aren't speculative. The commercial risks connected, for example, with purchase of the equipment in foreign currency can make an exception. Covariance of risks evaluation plays an important role; it expresses the degree of statistical dependence between two sets of data; their correlation characterizes proximity and direction of relationship between risks. However, the main problem is that concepts of covariance and correlation are generally applicable only to financial risks and are calculated with a considerable rate of consistency on the basis of the set of statistical information. The problem is that there might be no such set of statistical information for project risks, or the statistics would only concern various indicators which would be difficult to be brought together for the correlation analysis. It s also impossible to base upon the integrated indexes of various risks calculated by the offered formula on a great number of various experts. The essence of risk analysis is in identification of various expert evaluations and bringing their data together; these evaluations can have various methodical and statistical basis, and basically give negative correlation which, in our opinion, doesn't make sense in project risks (except financial). For example, the risk of low-quality materials supply can cause risk of the machine malfunction, thus there s no feedback between those risks. The risks of the project can strengthen each other or have no interference at all. The only financial risks might be the exception, but they can be only a part of the set of all project risks. To avoid the interference we consider necessary to reveal cause-and-effect relationships and to set risk factors in order to decrease the risks interference. Evaluating overall risks of several projects, in our opinion, plotting the scheme of risks where arrows show possible influence of one risk to another (in respect of its strengthening). Maximum possible number of connections between risks is defined by formula: п ( п 1) (2) where n is amount of the risks to be analysed. Moreover, possibility of mutual influence of risks is considered, in case of which risk from one quadrant on the scheme will be both direct, and the return arrow to other risk quadrant. After plotting the risks scheme with the indication of their interference, calculation of probable connections is done and the cumulative integrated index of project risk can be increased by coefficient: n ( n 1) + m n ( n 1) (3) where m - number of available connections between evaluated risks. Thus, in case of comparison of various projects on a risk level it is possible to consider not only overall risk on a set of the identified risks, but also probable interference of considered risks. 4. Discussion There is a number of researches on highlighted aspects in the article. Following researchers study risk management in Russia. Gracheva M. wrote several books about project risk management (Gracheva & Sekerin, 2009) and project risks analysis (Gracheva, 1999). She assumes that project risks analysis can be divided to the quality (all the estimated project risks description, plus their consequences and decreasing measures monetary evaluation) and the quantity (actual calculations of project effectiveness shift due to the risks). Risk analysis in 247
the offered model is also divided to the quality and the quantity, but the risks consequences monetary evaluation refers to the quantity risk analysis as well as risk management effectiveness evaluation. Shapkin A. and Shapkin V. highlighted risky situations' modeling (Shapkin & Shapkin, 2005). Besides that they have analyzed different authors risks classifications, than they have primarily marked out clear and speculative risks, after that they ve allocated the risks according to the sphere and the reason of appearance. Offered general risks classification principles based the authorial classification, yet the principles were reviewed within the project but not the whole enterprise. Risk management literature analysis shows that it all comes to a certain procedures set: risk management planning, identification, quality and quantity estimation, risks reacting planning, monitoring and control. This algorithm has been described in project management body of knowledge (PMBOK, 2013), and it s being represented in our model. The procedures are being thoroughly analyzed and updated in different researches. Almost all the publications on risk management are paying much attention to risks classification, but the majority of researchers limit themselves just with losses possible reasons recital. The suggested classification conforms to the requirements based on certain notable criteria as the main task of risks classification is their adjustment and afterward risks level estimation. Risks management consistent steps should be integrated into the whole project management common system. Project management: Study book (Mazur & Shapiro, 2010) represents risks management as one of the most important elements of project management. Similar interpretation is also present in the Study book by Razu (Razu, 2010). So, the project risks management model we suggested including proprietary risks integral estimation method is a key project management field, and a project stable realization and success is nearly impossible without it. 5. Conclusion After an evaluation of all integrated indexes of project risks, various actions for risk management are offered starting with risks with the highest integrated indexes. Each method of management has certain expenses and implies certain result. Efficiency of different methods of management is estimated by exceeding of benefits over expenses. The efficiency of measures taken within the project realization is established on the results of risk management. By the end of the project the efficiency of the taken measures, losses and economy is analyzed. Necessary information goes to the organization databank and subsequently is used in risk management of new projects. With this regard documenting is especially important for risk management on an enterprise, as it considerably would ease the management of the subsequent projects and would improve the organization expertise of different methods applicability expediency of its application in risk management. The meaning of the research is to offer new risks management model, which wholistically reviews the process of project risks management on an industrial enterprise in general, starting from a risk s identification moment up to forwarding the information to an organization databank. Based on this model there s a possibility to build a general risk-management system as for a single project, as for the whole enterprise. It s quite simple to figure out an offered integrated index, and it s applicable to different risks on different enterprises. For example it s possible to forward funds to managing the most probable or dangerous risk of the project with the help of the index, or choose one project out of several alternatives. This research is limited by one sided project risks analysis studying through suggested integrated index. Also it wasn't possible to reveal project risks management methods based on their analysis within one article. In order to raise the effectiveness of the suggested methodology it should be completed with variety of up to time risk management methods and instruments, and should also be developed a complex algorithm for selecting the most effective project risk management methods. References A Guide to the Project Management Body of Knowledge (PMBOK Guide) (5th ed., p. 589). (2013). Project Management Institute. Christoffersen, P. (2011). Elements of Financial Risk Management (2nd ed., p. 344). Academic Press. Enterprise Risk Management Integrated Framework (ERM). (2004). Retrieved March 1, 2014, from http://www.coso.org/publications/erm/coso_erm_executivesummary.pdf Gracheva, M. V. (1999). Project risks analysis (p. 216). Finstatinform, Moscow. Hull, J. C. (2006). Risk Management and Financial Institutions (1st ed., p. 500). Prentice Hall. Gracheva, M. V., & Sekerin, A. B. (2009). Investment projects risk management: Textbook (p. 544). Unity-Dana, 248
Moscow. Lientz, B., & Larssen, L. (2006). Risk Management for IT Projects. How to Deal with Over 150 Issues and Risks. Butterworth Heinemann (p. 331). Marcelino-Sádaba, S., Pérez-Ezcurdia, A., Echeverría Lazcano, A. M., & Villanueva, P. (2014). Project risk management methodology for small firms. International Journal of Project Management, 32(2), 327-340. http://dx.doi.org/10.1016/j.ijproman.2013.05.009 Neves, S. M., da Silva, C. E. S., Salomon, V. A. P., da Silva, A. F., Sotomonte, B. E. P. (2014). Risk management in software projects through Knowledge Management techniques: Cases in Brazilian Incubated Technology-Based Firms. International Journal of Project Management, 32(1), 125-138. http://dx.doi.org/10.1016/j.ijproman.2013.02.007 Palomo, J., Rios Insua, D., & Ruggeri, F. (2007). Modeling External Risks in Project Management. Risk Analysis, 27(4), 961-978. http://dx.doi.org/10.1111/j.1539-6924.2007.00935.x Mazur, I. I., & Shapiro, V. D. (Eds.). (2010). Project management: Study book (6th ed., p. 960). Omega-L, Moscow. Knorus, R. M. L. (Ed.). (2010). Project management. Project management basics (p. 760). Moscow. Shapkin, A. S., & Shapkin, V. A. (2005). Risk theory and risky situations modeling: study book (p. 880). Moscow: Dashkov & C Publishing and Trading Corp. Zwikael, O., & Ahn, M. (2011). The Effectiveness of Risk Management: An Analysis of Project Risk Planning Across Industries and Countries. Risk Analysis, 31(1), 25-37. http://dx.doi.org/10.1111/j.1539-6924.2010.01470.x A Risk Management Standard. (2002). Retrieved March 1, 2014, from http://www.theirm.org/publications/ documents/risk_management_standard_030820.pdf Copyrights Copyright for this article is retained by the author(s), with first publication rights granted to the journal. This is an open-access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/). 249